If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

The answers to your questions can be found here at this site by using the search engine on the upper right hand area of the main page and also by using www.google.com. Just enter: securing my windows computer.

Securing your windows computer is exactly what your questions are about. If you go and do just a little reading and studying you and your friend will not find yourself asking those questions.

The answers to your questions can be found here at this site by using the search engine on the upper right hand area of the main page and also by using www.google.com. Just enter: securing my windows computer.

The version of Windows is an important consideration here. With windows 9x/ME, gaining complete control of the operating system is a bit more difficult because there are very few network services running on the system. Even so, it is still possible. Recent RPC exploits would allow an attacker to gain control over a system without using a trojan.

If Windows 2000/XP is your OS of choice then, yes it is very easy to get complete control of the system. It may be as simple as cracking a password to log into the telnet server with (if the telnet server is enabled of course). Password cracking can also be applied against Microsoft's terminal services. Once a password is found, it's as simple as making a Remote Desktop connection to the system. Besides this, attacking an unpatched windows server with a known exploit is trivial.

Lastly, an attacker may be creative enough to convince you (through an email or some other form of social engineering) to open your XP pro desktop for remote support, which also uses RDP (remote desktop protocol).

As for the integrated firewall, it must be enabled before any protection is afforded. If the firewall is enabled, then any exploits directed at network services on the system will be dropped. If an IE flaw is exploited, the attacker may be able to coax your system into downloading a backdoor (e.g. Netbus Pro), but the attacker still would not be able to connect to the backdoor due to the integrated firewall.